diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2022-11-03 19:37:50 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-11-03 19:37:50 +0300 |
| commit | 1edb3fe87ecc118fef822359eeb7b4c099fb1fad (patch) | |
| tree | e3bb6398d5221fbaf76c630fbc82b03841306319 | |
| parent | 383a918689f631a63bd827a6efb601849b87086f (diff) | |
[release/v7.3.0] Add TSAUpload for APIScan (#18451)release/v7.3.0
4 files changed, 25 insertions, 15 deletions
diff --git a/tools/guardian/tsaconfig-apiscan.json b/tools/guardian/tsaconfig-apiscan.json new file mode 100644 index 0000000000..3cadeccff3 --- /dev/null +++ b/tools/guardian/tsaconfig-apiscan.json @@ -0,0 +1,6 @@ +{ + "codebaseName": "PowerShellCore_201906", + "tools": [ + "APIScan" + ] +} diff --git a/tools/guardian/tsaconfig-others.json b/tools/guardian/tsaconfig-others.json new file mode 100644 index 0000000000..1f44978032 --- /dev/null +++ b/tools/guardian/tsaconfig-others.json @@ -0,0 +1,7 @@ +{ + "codebaseName": "PowerShellCore_201906", + "tools": [ + "CredScan", + "PoliCheck" + ] +} diff --git a/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml b/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml index c972106195..aa81407e3e 100644 --- a/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml +++ b/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml @@ -121,6 +121,12 @@ jobs: GdnExportGdnToolApiScan: true #this didn't do anything GdnExportCustomLogsFolder: '$(Build.ArtifactStagingDirectory)/Guardian' + - task: TSAUpload@2 + displayName: 'TSA upload' + inputs: + GdnPublishTsaOnboard: false + GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\tools\guardian\tsaconfig-APIScan.json' + - pwsh: | Get-ChildItem -Path env: displayName: Capture Environment diff --git a/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml b/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml index eb0400bc3f..13603a0c80 100644 --- a/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml +++ b/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml @@ -35,7 +35,7 @@ jobs: debugMode: false continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1 + - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2 displayName: 'Run PoliCheck' inputs: # targetType F means file or folder and is the only applicable value and the default @@ -54,24 +54,15 @@ jobs: optionsUEPath: $(Build.SourcesDirectory)\tools\terms\TermsExclusion.xml continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2 + - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3 displayName: 'Publish Security Analysis Logs to Build Artifacts' continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@1 - displayName: 'TSA upload to Codebase: PowerShellCore_201906' + - task: TSAUpload@2 + displayName: 'TSA upload' inputs: - tsaVersion: TsaV2 - codeBaseName: 'PowerShellCore_201906' - uploadFortifySCA: false - uploadFxCop: false - uploadModernCop: false - uploadPREfast: false - uploadRoslyn: false - uploadTSLint: false - uploadCredScan: true - uploadPoliCheck: true - uploadBinSkim: false + GdnPublishTsaOnboard: false + GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\tools\guardian\tsaconfig-others.json' - task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@1 displayName: 'Create Security Analysis Report' |